Ports to block?

To: debian-security@lists.debian.org
Subject: Ports to block?
From: Brandon High <armitage@freaks.com>
Date: Thu, 5 Apr 2001 12:57:24 -0700 (PDT)
Message-id: <Pine.LNX.4.21.0104051250560.29975-100000@xenophobe.freaks.com>

Does anyone have a recommendation of ports that should be blocked (via
ipchains/netfilter/etc) to make a system more secure?

In light of the recent security holes, I did a netstat -an, then lsof -i for
all ports that were listening and/or UDP. I put a filter in the way of
everything that I didn't want externally visible, but UDP port 1028 shows
nothing listening lsof. I blocked it out of principle, but does anyone know
what it might be?

-B

-- 
Brandon High                                     armitage@freaks.com
We are Homer of Borg. Resistance is ... Ooo! Donuts!

Reply to:

Follow-Ups:
- Re: Ports to block?
  - From: Adam Spickler <adam@whaddu.com>
- Re: Ports to block?
  - From: Pedro Zorzenon Neto <pzn@terra.com.br>
- Re: Ports to block?
  - From: Alex Swavely <aswavely@softwarerevolution.com>
- Re: Ports to block?
  - From: Steve Ball <steve@netlink.demon.co.uk>
- Re: Ports to block?
  - From: "Timothy H. Keitt" <Timothy.Keitt@StonyBrook.Edu>

Prev by Date: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Next by Date: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Previous by thread: Re: [SECURITY] [DSA 045-1] ntp remote root exploit fixed
Next by thread: Re: Ports to block?
Index(es):
- Date
- Thread